MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dd6d19f69137a5e40e315f116a83c5fbd5cda4e8609ff20b3bd10b3a3705cb30. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Intelligence 1 File information 3 Yara Comments

SHA256 hash: dd6d19f69137a5e40e315f116a83c5fbd5cda4e8609ff20b3bd10b3a3705cb30
SHA3-384 hash: 3848f00975712950cd6e420036a938f9ef00584868da068c97fd93b10a0d668d961eb4df87dc6c3ed2e0efd66318dda7
SHA1 hash: 698bcf06a4cc79e27f47ab9dd46f99832898f915
MD5 hash: 18f0ffe93c7cd16466d9d6d3808ca07d
humanhash: red-oranges-gee-batman
File name:18f0ffe93c7cd16466d9d6d3808ca07d.exe
Download: download sample
Signature RaccoonStealer
File size:576'512 bytes
First seen:2020-06-30 13:30:28 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 35ed5e7633104cdb4d705447e852368c
ssdeep 12288:khmwnKIZ2uemIMuq0EUbnqxKVXNVbp4vKzlyqsRYrjhKrgy2Wvl0:ktR2uemIMb0VqoV99m2lyPR2jUrvzS
TLSH 96C412127783C07FE8359A707264C6B15D3F7C71666A819733A8563A1E703E26F2EB09
Reporter @abuse_ch
Tags:exe RaccoonStealer


Mail intelligence No data
# of uploads 1
# of downloads 36
Origin country US US
CAPE Sandbox Detection:n/a
ClamAV PUA.Win.Downloader.Aiis-6803892-0
CERT.PL MWDB Detection:n/a
ReversingLabs :Status:Malicious
Threat name:Win32.Trojan.Kryptik
First seen:2020-06-30 13:32:06 UTC
AV detection:25 of 31 (80.65%)
Threat level:   5/5
Spamhaus Hash Blocklist :Malicious file
Hatching Triage Score:   10/10
Malware Family:redline
Tags:ransomware stealer family:raccoon evasion spyware trojan infostealer family:redline discovery
VirusTotal:Virustotal results 37.50%

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download


Executable exe dd6d19f69137a5e40e315f116a83c5fbd5cda4e8609ff20b3bd10b3a3705cb30

(this sample)

Delivery method
Distributed via web download